基于侧信道的流量筛选实现科学DMZ的高效流量监控

Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2018-03-14 DOI:10.1145/3180465.3180474

Hongda Li, Fuqiang Zhang, Lu Yu, Jon Oakley, Hongxin Hu, R. Brooks

{"title":"基于侧信道的流量筛选实现科学DMZ的高效流量监控","authors":"Hongda Li, Fuqiang Zhang, Lu Yu, Jon Oakley, Hongxin Hu, R. Brooks","doi":"10.1145/3180465.3180474","DOIUrl":null,"url":null,"abstract":"As data-intensive science becomes the norm in many fields of science, high-performance data transfer is rapidly becoming a core scientific infrastructure requirement. To meet such a requirement, there has been a rapid growth across university campus to deploy Science DMZs. However, it is challenging to efficiently monitor the traffic in Science DMZ because traditional intrusion detection systems (IDSes) are equipped with deep packet inspection (DPI), which is resource-consuming. We propose to develop a lightweight side-channel based anomaly detection system for traffic winnowing to reduce the volume of traffic finally monitored by the IDS. We evaluate our approach based on the experiments in a Science DMZ environment. Our evaluation demonstrates that our approach can significantly reduce the resource usage in traffic monitoring for Science DMZ.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"23 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2018-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Towards Efficient Traffic Monitoring for Science DMZ with Side-Channel based Traffic Winnowing\",\"authors\":\"Hongda Li, Fuqiang Zhang, Lu Yu, Jon Oakley, Hongxin Hu, R. Brooks\",\"doi\":\"10.1145/3180465.3180474\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As data-intensive science becomes the norm in many fields of science, high-performance data transfer is rapidly becoming a core scientific infrastructure requirement. To meet such a requirement, there has been a rapid growth across university campus to deploy Science DMZs. However, it is challenging to efficiently monitor the traffic in Science DMZ because traditional intrusion detection systems (IDSes) are equipped with deep packet inspection (DPI), which is resource-consuming. We propose to develop a lightweight side-channel based anomaly detection system for traffic winnowing to reduce the volume of traffic finally monitored by the IDS. We evaluate our approach based on the experiments in a Science DMZ environment. Our evaluation demonstrates that our approach can significantly reduce the resource usage in traffic monitoring for Science DMZ.\",\"PeriodicalId\":20513,\"journal\":{\"name\":\"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization\",\"volume\":\"23 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-03-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3180465.3180474\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3180465.3180474","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

随着数据密集型科学在许多科学领域成为常态，高性能数据传输正迅速成为核心科学基础设施需求。为了满足这样的需求，在大学校园内部署科学dmz的数量迅速增长。然而，由于传统入侵检测系统采用深度数据包检测(DPI)，耗费大量资源，难以对科学DMZ区域内的流量进行有效监控。我们建议开发一个轻量级的基于侧信道的异常检测系统，用于流量筛选，以减少最终由IDS监控的流量。我们基于Science DMZ环境中的实验来评估我们的方法。我们的评估表明，我们的方法可以显著减少Science DMZ流量监控中的资源使用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Towards Efficient Traffic Monitoring for Science DMZ with Side-Channel based Traffic Winnowing

As data-intensive science becomes the norm in many fields of science, high-performance data transfer is rapidly becoming a core scientific infrastructure requirement. To meet such a requirement, there has been a rapid growth across university campus to deploy Science DMZs. However, it is challenging to efficiently monitor the traffic in Science DMZ because traditional intrusion detection systems (IDSes) are equipped with deep packet inspection (DPI), which is resource-consuming. We propose to develop a lightweight side-channel based anomaly detection system for traffic winnowing to reduce the volume of traffic finally monitored by the IDS. We evaluate our approach based on the experiments in a Science DMZ environment. Our evaluation demonstrates that our approach can significantly reduce the resource usage in traffic monitoring for Science DMZ.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization

自引率

0.00%

发文量